89 matches found
SasCam 2.6.5 - Remote HTTP Server Crash
No description provided by source. / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! Also the free software programs provided by fl0 fl0w may be freely distributed and that the disclaimer below is always attached to it. The...
CVE-2013-6485
Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service application crash or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data...
IBM Lotus Sametime Version Enumeration
This module scans an IBM Lotus Sametime web interface to enumerate the application's version and configuration information. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule Release...
Blue Coat ICAP Patience Page XSS
The remote host is running a version of Blue Coat ProxySG that suffers from a XSS issue. An attacker can exploit this issue by sending a malicious link that will redirect the user to the ICAP 'Patience' page which will echo the link back, unfiltered. %NASLMINLEVEL 70300 C Tenable Network Security...
WordPress Brute Force and User Enumeration Utility
WordPress Authentication Brute Force and User Enumeration Utility This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Brute Force and User Enumeration Utility', 'Description' = 'WordPress...
httpdx 1.5.4 Remote HTTP Server Denial of Service
Exploit for windows platform in category dos / poc !/usr/bin/perl -w ====================================================================== Exploit Title: httpdx v1.5.4 Remote HTTP Server DoS using wildcards Date: 18 July 2012 Exploit Author: st3n at sign funoverip dot net Vendor Homepage:...
SugarCRM 6.3.1 unserialize() PHP Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SugarCRM %q This module exploits a ph...
CVE-2012-0804
Heap-based buffer overflow in the proxyconnect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP response...
CVE-2012-1180
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request...
CVE-2012-1180
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request...
CVE-2012-1180
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request...
Medium: nginx
Issue Overview: Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request. Affected Packages: nginx Issue Correction: Run yum updat...
Integard Home and Pro v2 Remote HTTP Buffer Overflow Exploit
Exploit for windows platform in category remote exploits ============================================================ Integard Home and Pro v2 Remote HTTP Buffer Overflow Exploit ============================================================ class Metasploit3 'Integard Home/Pro version 2.0',...
Mereo v1.9.2 Remote HTTP Server Denial Of Service
Exploit for windows platform in category dos / poc ================================================= Mereo v1.9.2 Remote HTTP Server Denial Of Service ================================================= !/usr/bin/python Title: Mereo v1.9.2 Remote HTTP Server DoS 0day By: CwG GeNiuS Email: cwggenius...
Mereo 1.9.2 - Remote HTTP Server Denial of Service
Mereo 1.9.2 - Remote HTTP Server Denial of Service !/usr/bin/python Title: Mereo v1.9.2 Remote HTTP Server DoS 0day By: CwG GeNiuS Email: cwggenius at gmail dot com Tested: XPSP3 Download: http://www.ohloh.net/p/mereo import socket, sys payload ="GET /"; payload+="X" 10000; payload+="...
Mereo 1.9.2 - Remote HTTP Server Denial of Service
!/usr/bin/python Title: Mereo v1.9.2 Remote HTTP Server DoS 0day By: CwG GeNiuS Email: cwggenius at gmail dot com Tested: XPSP3 Download: http://www.ohloh.net/p/mereo import socket, sys payload ="GET /"; payload+="X" 10000; payload+=" HTTP/1.1\r\n\r\n"; count = 1; try: while count 100: s =...
CVE-2010-0556
browser/login/loginprompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication,...
CVE-2010-0556
CVE-2010-0556 describes a cross-origin weakness in Google Chrome’s Password Manager where credentials stored for one site could be populated into an authentication dialog triggered by a third-party page (demonstrated via IMG src). Affected versions include Chrome 3.0.195.38 and 4.0.249.78; Chrome...
Backported Security Patch Detection (WWW)
Security patches may have been 'backported' to the remote HTTP server without changing its version number. Banner-based checks have been disabled to avoid false positives. Note that this test is informational only and does not denote any security problem. C Tenable Network Security, Inc...
Buffer overflow
Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted response...